diff --git a/app/controllers/my_controller.rb b/app/controllers/my_controller.rb
index 84f5b20ca..41a6cacbd 100644
--- a/app/controllers/my_controller.rb
+++ b/app/controllers/my_controller.rb
@@ -50,10 +50,28 @@ class MyController < ApplicationController
 def account
 @user = User.current
 @pref = @user.pref
+ #Modified by young
+ unless @user.change_password_allowed?
+ flash[:error] = l(:notice_can_t_change_password)
+ redirect_to my_account_path
+ return
+ end
+ #Ended by young
 if request.post?
 @user.safe_attributes = params[:user]
 @user.pref.attributes = params[:pref]
 @user.pref[:no_self_notified] = (params[:no_self_notified] == '1')
+ #Added by young
+ if @user.check_password?(params[:password])
+ @user.password, @user.password_confirmation = params[:new_password], params[:new_password_confirmation]
+ if @user.save
+ flash[:notice] = l(:notice_account_password_updated)
+ # redirect_to my_account_path
+ end
+ else
+ flash[:error] = l(:notice_account_wrong_password)
+ end
+ #Ended by young
 if @user.save
 @user.pref.save
 @user.notified_project_ids = (@user.mail_notification == 'selected' ? params[:notified_project_ids] : [])
diff --git a/app/views/my/account.html.erb b/app/views/my/account.html.erb
index fcd3c86c1..903891c4e 100644
--- a/app/views/my/account.html.erb
+++ b/app/views/my/account.html.erb
@@ -1,5 +1,4 @@
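Review bot: The guard added at the top of `account` redirects to `my_account_path`, which appears to route back to this same action, so a user for whom `change_password_allowed?` is false (presumably an externally authenticated account) would loop on redirects and lose the whole account page, not just the password fields. In the POST branch, `check_password?(params[:password])` runs on every submit but does not gate the later `if @user.save`, so a profile edit sent without a password sets `notice_account_wrong_password` and is still saved. I would drop the top guard, run both checks only when `params[:new_password]` is present, and let the existing save persist the password once instead of saving twice. `account` continues past the end of the hunk, so the early `return`s below assume nothing later in the method is needed to render the form.

```ruby
    # … unchanged: safe_attributes / pref assignment at the top of `if request.post?` …
    if params[:new_password].present?
      if !@user.change_password_allowed?
        flash.now[:error] = l(:notice_can_t_change_password)
        return
      elsif !@user.check_password?(params[:password])
        flash.now[:error] = l(:notice_account_wrong_password)
        return
      end
      @user.password = params[:new_password]
      @user.password_confirmation = params[:new_password_confirmation]
    end
    # … unchanged: the existing `if @user.save` branch, which now also persists the password …
```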
- <%= link_to(l(:button_change_password), {:action => 'password'}, :class => 'icon icon-passwd') if @user.change_password_allowed? %> <%= call_hook(:view_my_account_contextual, :user => @user)%>
@@ -52,8 +51,20 @@ <% end %> <%= call_hook(:view_my_account, :user => @user, :form => f) %> + + +